Tag: from ZD Net

Pure Storage is launching its software on Amazon Web Services with block storage, data protection and deduplication services in the public cloud. The aim for Pure Storage is to better bridge on-premises and cloud infrastructure.

The move highlights a few key trends in the enterprise space. First, hybrid architecture is becoming the new norm as companies aim to run applications in the cloud and data center interchangeably. In addition, data and storage players are positioning to handle more real-time workloads such as artificial intelligence, machine learning and analytics with solid-state storage. And storage is becoming more software defined.

Matt Kixmoeller, vice president of strategy at Pure, said the AWS effort is “the first time we’ve made our software consumable outside of hardware.” Pure is starting on AWS for mission critical applications and will look at adding other public clouds over time. “We are taking the time to do it right,” said Kixmoeller.

Pure’s effort–a suite of products called Pure Storage Cloud Data Services–reflects how enterprises went cloud first, then swung back to their own infrastructure and are moving apps to Kubernetes and containers. Kixmoeller noted that “hybrid isn’t an infrastructure as much as an application strategy.”

The rationale is that enterprises have evolved their cloud strategies from on-premises deployments to the cloud and ultimately applications that can run anywhere. Cloud first companies have moved some infrastructure on-premises but have arrived at the same hybrid application space.

At a high level, here’s a look at where Pure is looking to mix and match its software platform on AWS and in the data center.

In many ways, Pure’s effort is aided by the AWS and VMware partnership on hybrid infrastructure. Pure runs on top of VMware in on-premise storage and adding AWS is more of a natural fit. Pure1 cloud data management and Purity storage software will now run on AWS. In Pure Storage’s case, AWS is the equivalent of running its software an different hardware than its own.

Here’s what Pure Storage is rolling out:

Cloud Block Store for AWS, a block storage systems that uses Pure’s software to run natively on Amazon’s public cloud. Cloud Block Store for AWS is in limited beta.

CloudSnap for AWS, a data protection service built into Pure FlashArray. Under the systems, FlashArray snapshots are sent to AWS S3 storage. CloudSnap is generally available and addresses disaster recovery use cases where tape is still used.

Separately, Pure Storage reported its fiscal third quarter earnings. The company reported a third quarter net loss of $28.2 million, or 12 cents a share, on revenue of $372.8 million, up 34 percent from a year ago. The company’s non-GAAP earnings were 13 cents a share.

Wall Street was looking for third quarter non-GAAP earnings of 9 cents a share on revenue of $367.4 million.

The company increased gross margins to 66.8 percent, up from 65.5 percent a year ago.

As for the outlook, Pure projected fourth quarter revenue between $438 million and $446 million. For fiscal 2019, Pure projected revenue between $1.376 billion and $1.384 billion.

Featured stories

It’s almost weird that Cyber Monday is still a thing.

There used to be clear-cut lines between Black Friday and the Monday after, but now, most retailers and vendors — even the brick and mortar ones — hold their sales online. And they often start a full week before Thanksgiving and last for weeks.

This year, Cyber Monday will be Nov. 26. And while we know every site from Amazon to Walmart plans to discount many devices for the “holiday,” they’ve yet to announce their official sales and seem instead to be waiting for Black Friday to pass.

So, if you want to see what sort of Black Friday deals are happening, check out ZDNet’s guide here. If you’d like to see Cyber Monday deals instead, bookmark this page. We will update it when the sales go live with all the best tech deals to be had.

When is Cyber Monday?

Cyber Monday 2018 begins on the Monday following Black Friday. This year, it’s on Nov. 26.

How is Cyber Monday different from Black Friday?

Historically, Cyber Monday has been a single day of online sales, but now, it’s a week-long event (called Cyber Week) that follows weeks of pre-Black Friday and Black Friday sales.

As for Black Friday, it used to be an in-store-only, one-day only sale at brick-and-mortar shops. Now, it has taken over the month of November and is available online, too. So, both are fairly similar, with the exception being you will see more hype surrounding Black Friday.

Should you skip Black Friday?

No. Although Cyber Monday and Black Friday have basically become the same thing, it’s worth paying special attention to Black Friday deals. With savings both in-store and online, the item you want will most likely be discounted. If you wait until Cyber Monday, you might miss a great deal. Traditionally, Cyber Monday tends to have fewer deals available, and of course, it’s only online.

How do you know when a deal is a good deal?

Easy. You can check our guide here. But if you want to do some leg work yourself, we recommend using price trackers and checkers. There’s a website called camelcamelcamel that allows you to view price history for over 18 million products on Amazon. There is also a Chrome extension called WikiBuy that’ll tell if you an item is listed cheaper elsewhere.

But the best advice we have is to just compare prices at other retailers and vendors. It isn’t easy, but if you want to save money, it’s worth it.

What can you expect from Cyber Monday?

Your guess is as good as ours, but thankfully, we can look at past years to determine what to expect. Here are our best predictions:

Amazon will continue to have sales on its own devices. It’ll also have limited-time flash sales on products from other manufacturers.

Walmart will offer sales on everything from 4K TVs to laptops.

Best Buy will try to get you to shop at its store versus Amazon or Walmart, so there will likely be deep discounts across several tech categories.

eBay will have sales on everything from sneakers to smartwatches.

You get the idea. Deals galore.

Which retailers will have the best Cyber Monday deals?

Glad you asked! We rounded them up below.

Best Cyber Monday 2018 deals: Retailers

Amazon

Amazon has yet to announce its official Cyber Monday 2018 deals.

Best Buy

Best Buy has yet to announce its official Cyber Monday 2018 deals.

Costco

Costco has yet to announce its official Cyber Monday 2018 deals.

eBay

eBay has yet to announce its official Cyber Monday 2018 deals.

Jet

Jet has yet to announce its official Cyber Monday 2018 deals.

Newegg

Newegg has yet to announce its official Cyber Monday 2018 deals.

Office Depot and Office Max

Office Depot and OfficeMax has yet to announce their official Cyber Monday 2018 deals.

Sam’s Club

Sam’s Club has yet to announce its official Cyber Monday 2018 deals.

Staples

Staples has yet to announce its official Cyber Monday 2018 deals.

Target

Target has yet to announce its official Cyber Monday 2018 deals.

Walmart

Walmart has yet to announce its official Cyber Monday 2018 deals.

Best Cyber Monday 2018 deals: Vendors

Google Store

Google and Google-owned Nest have announced a bunch of deals that will extend through Cyber Monday, with some sales starting as early as Nov. 18.

Dell

Dell has yet to announce its official Cyber Monday 2018 deals.

HP

HP has yet to announce its official Cyber Monday 2018 deals.

Lenovo

Lenovo has yet to announce its official Cyber Monday 2018 deals.

Microsoft Store

Microsoft has yet to announce its official Cyber Monday 2018 deals.

For more great deals on devices, gadgetry, and technology for your enterprise, business, or home office, see ZDNet’sBusiness Bargain Hunter blog. Affiliate disclosure: ZDNet earns commission from the products and services featured on this page.

Intuit had a strong first quarter as it continues to grow revenue from its online ecosystem. The personal and small business financial software maker reported a Q1 net loss of $10 million million, or 13 cents per share, compared to a loss of $35 million a year ago.

Featured stories

Non-GAAP earnings were 29 cents per share on top of revenue of $1 billion, up 12 percent year over year.

Wall Street was expecting earnings of 11 cents per share with $968.88 million in revenue. Intuit’s shares were up around 6 percent after hours.

Intuit said it expects Q2 EPS ranging from a 85 cents a share to 88 cents a share, which falls well above analyst estimates for 77 cents a share. Revenue is expected to range from $1.47 billion to $1.49 billion, above current estimates of $1.45 billion.

As for the rest of Intuit’s portfolio, the company said it increased QuickBooks Online subscribers by 41 percent to end the quarter with 3.6 million paid subscribers. Intuit’s QuickBooks Self-Employed product also saw subscriber growth on the up, ending the quarter with 745,000 users. Intuit said sales from its consumer tax products grew 22 percent.

“Small Business and Self-Employed Group delivered another strong quarter and we expect momentum to continue as we place an increased emphasis on online services to deliver greater value to our customers,” said Intuit chief executive Brad Smith While this is great start to the year, there’s plenty of game to be played, with our two largest quarters ahead of us.”

More Tech Earnings

Featured stories

Modern technology developers often use terms such as minimum viable product and iterative development. Startup companies popularized these lean startup approaches to develop products while conserving resources and achieving product-market fit. Under these management approaches, developers release small products and then rapidly make incremental changes based on market feedback and adoption. This process saves time and money while ensuring that new features correspond to real user needs.

Although minimum viable products and iterative development originally took hold among startups, today, virtually every innovative technology organization I speak with uses this approach. Conversations with chief information officers and chief digital officers routinely turn to incremental development based on customer feedback and rapid turnaround times. even chief marketing officers talk about marketing projects in these terms.

Despite the extent to which business and government organizations have adopted rapid prototyping and development, applying these principles to non-profits is still relatively new and not always easy.

Non-profits face a different set of challenges than profit-making businesses. For example — and this is but one example among many — businesses can see a direct and often immediate link between product changes and user behavior: Instrument your app or website, make a change and observe the clicks to see user impact. In contrast, many non-profits measure results over time in terms of broader social benefit rather than clicks; obviously, this is much harder to measure and iterate quickly.

Despite the challenges, there is great value in applying iterative techniques to non-profits. To teach non-profits how to accomplish this goal, the former chief innovation officer of USAID, Ann Mei Chang, wrote a new book called Lean Impact, which presents advice on how to apply lean startup principles to social impact and non-profit organizations.

The clear importance and value of applying these principles to non-profits led me to invite Ann Mei to be a guest on episode 313 of CXOTalk, a video and podcast show that offers conversations with the world’s top innovators in business, technology, and health care.

During our conversation, Ann Mei explains principles of the lean startup movement, on which her book is based. She then describes how non-profit organizations can apply these principles to their own operations.

Ann Mei is uniquely qualified to speak about these topics, given her unusual background, which equally spans business and non-profits. She currently works as executive director of Lean Impact at the Lean Startup Company, founded by Eric Reis, whose books lay the foundation for lean startup principles.

This episode of CXOTalk offers a unique and clear look into how organizations focused on social impact can apply the techniques of lean startups.

Watch the entire video embedded above and read excerpts below. You can also read the entire transcript over at the CXOTalk website.

How did you come up with applying lean startup techniques to non-profits and social impact organizations?

Ann Mei Chang: It was really an evolution. There are not that many people who span both worlds. I spent so much of my career in the tech sector that lean startup was essentially in my blood. In fact, when I first went into government, it was a big shock in a way because things worked so differently in government than they do in Silicon Valley. One of those things was that, in government, we like to plan in a lot of details for years in advance and then execute on those plans because we’re very risk-averse; we’re a very planning-oriented culture.

What I found myself doing was really encouraging people to plan a little less, do a little bit more, and really get out in the field and try things, learn, and iterate. It was sort of like just the instinct that I had. At the time, I hadn’t picked up The Lean Startupyet. I was in D.C., and it wasn’t as much a thing there yet, and so I didn’t necessarily have a language for it. When I found out that Eric had written this book, The Lean Startup, and started learning about it, it gave me a language to talk about these concepts that I was really trying to explain to people and didn’t really make sense to them up to that point.

Coming from Silicon Valley and into this world of global development that I was in, everybody wanted to approach me and talk about technology and talk about, could I build an app, a website, or so forth? I certainly tried to help where I could, but what I started to believe, as I learned more and more about what was going on, is that while technology could make a big difference in many of the things that were being done, that a different way of working, a different mindset, a different approach that was exemplified by The Lean Startup, could help us just produce far greater impact at far greater scale.

Explain the concept of “lean impact”?

Ann Mei Chang: Maybe I should back up a little bit for the parts of the audience maybe who aren’t yet familiar with lean startup and talk a little bit about that. The Lean Startup is a book that was written by Eric Ries about seven years ago. It captures the best practices of how innovation happens in Silicon Valley.

Eric talks about the lean startup as a methodology for building products and services under conditions of extreme uncertainty. This is certainly true for startup companies who are trying to create products and services that no one has ever done before, and so there’s a lot of uncertainty there. In this world of uncertainty, rather than trying to think we have all the answers and come up with a great plan that we can invest a ton in that plan, I think we need to be a little bit more humble and really understand where our assumptions are, understand what the risks are, and test for them.

In essence, lean startup, I think of it as an entrepreneurial version of the scientific method that you have a hypothesis about a solution that will hopefully work to solve a certain problem. You build what we call an MVP (minimum viable product) to test that assumption. Then you measure the results. You gather data on what happened. Then you learn. You learn that it worked exactly as you hoped, and you can double down, or maybe you learned that it didn’t work as you expected and you either need to tweak your solution or pivot and take a completely different path.

How can non-profits use the concept of a minimum viable product?

Ann Mei Chang: That’s a great question, and that’s one of the many challenges that make innovating for social good harder. The minimum viable product is essentially trying to come up with the smallest, quickest, cheapest way to learn about something where you have a high degree of uncertainty. Again, in the social sector, we often are trying to solve problems that are long-time, intractable, and in conditions that are highly dynamic, and so there is a lot of uncertainty, and there’s a lot that we need to learn.

The question to ask is, what is the cheapest, quickest way we can learn whether something will work? Just as an example, in Africa, different companies offer home solar systems using a new business model. With mobile money, people can pay a few cents every day to purchase their home solar system over time because they don’t have the upfront capital to be able to pay for these solar systems upfront.

One way you might do this is to build out these new systems with all the technology, manufacture them, and then hire a whole salesforce and distribute them. A company called Off-Grid Electric, that I spoke to, thought this was a great idea, but they knew it needed to be tested.

Theysent a person from village to village to collect money, manually, first, to see would people buy a solar system and pay it off over time. Is that something people would find valuable enough? Would they keep paying the money? Only after they showed that people would do that did they manufacture the systems and deploy them in a way that could really be scaled.

It’s just one example. The MVP could be as simple as a flyer, which they also used to test out to see, hey, what kind of bundles would people be more interested in? Would they like to have a bundle with just some lights, is a radio important, or maybe even a TV? Would they be willing to pay more?

The goal is looking at the simplest, quickest way that we can answer those questions. That’s a minimum viable product.

How is this different from what typically happens in non-profits?

Ann Mei Chang: I get that question a lot. We are equally trying to solve tough problems at large-scale, but when we’re tackling social challenges, we need tools to innovate. It’s also a lot harder, honestly. There are a number of reasons.

One of the biggest reasons is the nature of funding. If you’re a tech company or even any business, you usually have a customer that you’re trying to serve, and you build a product or service for them. The customer pays for that product or service, and so there’s a direct feedback loop. If people don’t like your product, they aren’t going to pay for it. You learn very quickly if you’re on the mark or not.

When you’re talking about social good, a lot of times who are paying for your product is different than the customer, and so you have already this complication where your feedback loop involves two very different parties who have maybe two very different interests. And so, that complicates things. It makes it harder to drive your feedback loop.

On top of that, funders in the social sector, especially funders for non-profits, tend to be very restrictive. They want to know your whole plan up front and then see you execute on that plan. They’re often also very risk-averse. They’re looking for immediate results. That also makes it hard to innovate. It makes it hard to pivot, experiment, and take risks. Some of these systemic constraints make it very difficult for non-profits to do the sort of testing and iteration that’s needed to innovate.

On top of the funding side of the equation, there’s also some innate challenges. It’s harder to measure social impacts like, are you breaking the cycle of poverty? Are you making a society more resilient and democratic? Are you developing? Are you helping kids get better education?

These are things that take time, often, to answer, much harder than, for example, seeing if somebody makes an e-commerce purchase. These kinds of challenges exist in the social sector that don’t exist in the tech world or even in the business world.

Also, I think we need to be much more thoughtful and careful when we’re experimenting with people who are vulnerable already. We can’t do the Silicon Valley thing of move fast and break things because we’re talking about real people here and real lives.

Do non-profits possess the right mindset and the culture to operate this way?

Ann Mei Chang: I think that the culture derives from incentives, and incentives derive from goals. If you think about it, I believe that innovation, at its foundation, the birthplace of innovation is in an audacious goal. You imagine President Kennedy challenged us to send a man to the moon.

When you have goals that are achievable with business as usual or with some minor improvements to business as usual, there’s no reason to take risks or innovate. I think that often is true in the way non-profits are funded. They’re funded to do something that we know how to do and that we can deliver relatively immediate results and do so with high confidence. But again, if we have problems that we’re trying to solve, which that’s not going to be sufficient in solving, I would argue that we need to set much more audacious goals.

The first place that I start with, with Lean Impact, is to say we need to think bigger. The core of Lean Impact is about thinking bigger and starting smaller. Instead, I think, when it comes to social good, we often think too small and start too big. How do we flip that around and set an audacious goal? When you have a goal that is ten times what you’re doing today or 100 times what you’re doing today, and you’re not going to get there with your current path, then it forces you to take risks, and it forces you to test and iterate to find a better way.

When you start setting up the incentives that way, then I think the culture starts to shift around being more agile because you’re trying to do something you can’t do just by doing the same old thing.

You talk about vanity metrics. Tell us about that?

Ann Mei Chang: Vanity metrics is a term that Eric Ries coined in The Lean Startup. It refers to absolute numbers, typically, that sound really good but don’t indicate whether something is actually any good. Just as an example, in the social sector, if you look at your favorite non-profit’s website, they’ll usually tell you how many people that they’ve reached, touched, served, benefited in some way.

If I say that I have touched a million people or helped a million people, what does that mean? I may have done something for them. I may have trained them. I may have given them a product or service, but did it make their lives better? It doesn’t say that.

Even if we knew we made their lives better, could somebody else have made their lives better or done more with the same amount of money? Is it the most cost-effective solution, is another question. The third is that even if we made their lives better and we’re more cost-effective than other solutions, and so we did the best we could with the money, do we have a path to scale, or are we only reaching a small tiny fraction of the people who could benefit?

These absolute numbers, such as how many people did we touch, tend to drive organizations to reach more people without sufficient regard to how well it’s working or how they are going to scale.

In The Lean Startup and Lean Impact, we talk about actionable metrics or innovation metrics that are generally at the unit level. It’s looking at, for example, for every 100 people we reach, what percentage excepts what we have to offer? What percentage are successful? What percentage changed their behavior, and at what cost? What’s the unit cost for each person that we reach?

So, optimizefor unit metrics, for example, the percentage behavior change that has increased or the dollars that are required for the training decrease. Those things will be highly leveraged and increase, magnifying impact over time as you scale. Those are the metrics that, when you’re focused on innovation, you want to track on a regular basis to understand, are we moving the needle on these metrics that matter versus the aggregate numbers, which is just a measure of activity, not of progress.

CXOTalk offers in-depth conversations with the world’s top innovators. Be sure to watch our many episodes!

Previous and related coverage:

A top executive at Vodafone shares the future of telecom and explains how innovative enterprises are building new applications to use the high bandwidth and low latency of 5G networks that will be available soon.

Go behind the scenes with the president of an NHL hockey to learn about customer experience and why building community is crucial. He also explains what’s wrong with the term “digital transformation” and how to create genuine fan relationships. Watch the video and listen to the podcast!

The Russian Federation has responded to a lawsuit filed by the Democratic National Committee and has requested the overseeing court to throw out the lawsuit altogether.

More security news

The lawsuit, filed by the DNC in April 2018, names a slew of figures as defendants, such as the Russian state, Russia’s military intelligence service GRU, the hacker known as Guccifer 2.0, WikiLeaks and its founder Julian Assange, and several members of the Trump campaign, such as Donald Trump, Jr., Paul Manafort, Roger Stone, Jared Kushner, and George Papadopoulos.

According to an 87-page indictment, the DNC accused Russia and the other defendants of carrying out the hacking of DNC servers in 2016 and then leaking data online via the WikiLeaks portal in an orchestrated manner for the benefit of the Trump presidential campaign.

The lawsuit, which has its own Wikipedia page and was likened to a lawsuit the DNC filed against Nixon after the Watergate scandal, seeks damages, but also for the court to issue a declaration about the defendants’ conspiracy.

But in a letter sent to a New York court, presented by the Russian Embassy in the US and signed by a representative of the Russian Ministry of Justice, the Russian Federation wants the lawsuit thrown out.

In the 12-page letter, the Russian Federation argues that the US Foreign Sovereign Immunities Act (“FSIA”) grants Russia immunity.

“The FSIA provides that foreign sovereign States enjoy absolute jurisdictional immunity from suit unless a plaintiff can demonstrate that one of the FSIA’s enumerated ‘exceptions’ applies’,” the letter argues.

“The DNC’s allegations regarding a purported ‘military attack’ by ‘Russia’s military intelligence agency’ do not fall within any of

the FSIA’s enumerated exceptions to the Russian Federation’s sovereign immunity.”

More specifically, Russia argued that a country’s military operations are immune from civil lawsuits, like the one filed by the DNC.

Any alleged “military attack” is a quintessential sovereign act that does not fall within any exception to the FSIA or the customary international law of foreign sovereign immunity. The Russian Federation’s sovereign immunity with respect to claims based upon such allegations is absolute.

In addition, Russia also reminded the court that the US has many times benefited from the same international accords in regards to its military’s cyber operations.

Indeed, the United States benefits significantly from the sovereign immunity that it enjoys (and U.S. officials enjoy) in foreign courts around the world with respect to the United States’ frequent acts of cyber intrusion and political interference. As current and former U.S. officials have acknowledged on many occasions, the United States–acting primarily through the National Security Agency (NSA) within the U.S. Department of Defense–is one of the most prolific practitioners of cyberattacks and cyber-intrusions on the planet.

The Russian Federation argues that such incidents are “State-to-State matters” and should be resolved between governments, and not in courts.

“The DNC’s allegations do not permit the U.S. District Court to exercise jurisdiction in this case,” the Russian Federation’s letter said, suggesting that the court should throw out the lawsuit on the basis of a lack of jurisdiction in the matter.

The letter and the judge’s decision will be closely watched by the entire world, especially by countries with cyber divisions and which actively engage in cyber-attacks, or have been the victims of cyber-attacks. If a precedent is created, this could open the door for countless litigation cases around where American, Russian, UK, Chinese, or Israeli military hackers have been involved.

This decision won’t affect the charges brought forward by the Department of Justice over the summer, as they are viewed as a criminal matter and not a civil case. In July, the US charged 12 Russian spies based on an investigation carried out by US special counsel Robert Mueller.

More security news:

Microsoft is acquiring app-provisioning vendor FSLogix for an undisclosed amount. Microsoft plans to use FSLogix’ technology to improve the Office 365 virtualization experience, according to a November 19 blog post announcing the deal.

Microsoft officials said they anticipate that FSLogix will help provide faster load times for user profiles in Outlook and OneDrive. They also said FSLogix should help make Office 365 ProPlus better performing in multi-user virtual environments, including the Windows Virtual Desktop service which Microsoft announced in September.

FSLogix is headquartered in Atlanta. According to a company profile on its web site, FSLogix’ products “reduce the amount of hardware, time and labor required to support desktop virtualization platforms.” FSLogix has implementations ranging from less than 1,000 to over 50,000 users, according to the company.

Featured stories

You might have heard the phrase shadow IT, but what does it mean for a small business? Shadow IT is the increasingly common situation where technology is implemented without the knowledge of the IT department.

Shadow IT is not a new practice. Employees have used their own computing workarounds for years, using practices that are not acceptable to the IT department. Think, for example, of employees downloading company data to a USB stick, or using an unapproved software tool to complete a task.

What is new, however, is the scale of shadow IT. Gartner says technology professionals are making fewer IT decisions for the rest of the business. The analyst says as many as 38 percent of technology purchases are now managed, defined and controlled by business leaders.

Understanding the risks of shadow IT

The cloud is the key factor that has enabled this rapid growth of shadow IT. Employees can use the cloud to buy technology services on-demand, often without the say-so of the technology team. CIOs in large firms are being circumnavigated by line-of-business decision makers who are buying their own apps.

That’s a problem for a variety of reasons. IT departments are unaware of what applications are being used and how data is being stored. When a service breaks and the business demands a fix, it could be the first time the IT team is aware the software is being used in the organisation.

Fixing that software could be a challenge, especially as the expertise to solve those service issues might lie outside the traditional IT department. Auditing software assets becomes a challenge too, as it’s much harder to track and trace how software is being purchased, implemented and used.

Add in the serious security risk associated to unapproved services and it’s easy to see why shadow IT has received a bad reputation. And while shadow IT can be a huge challenge for big firms, it can also cause significant issues for smaller firms. All those support, servicing and security issues could arise in your company as well, especially if the people running the business are unaware of how software is being procured.

Placing shadow IT into the context of small businesses

That siloed way of working won’t succeed in a small business. One of the major benefits of working in a smaller firm is there tends to be a stronger sense of collaboration. When your business numbers hundreds, it’s possible to get know most people well; when it numbers thousands at a global scale, it’s impossible.

Almost two-thirds (61 percent) of SMBs agree or strongly agree that their company encourages and rewards collaboration, reports SMB Group. The researcher says as many as 70 percent of small firms agree or strongly agree that their communication and collaboration solutions help improve productivity.

Cloud and communication technologies are already playing a key role here, helping SMB employees to communicate anytime, anywhere. Yet there is more that can be done. Small business owners must encourage their workers to foster this adoption of digital technology and this sense of interactivity.

Rather than succumbing to the pressure of shadow IT, small businesses should embrace the opportunity to develop new innovative uses of technology. In fact, the close interactions of a smaller team make Agile and DevOps the perfect solution for end user-focused development.

Making the most of Agile and DevOps

SMBs can use the close connection between functions and individuals to create collaborative working practices. Rather than sitting in isolation, developers, IT specialists and business leaders can work on new initiatives in combination. They can work together to chat about business concerns and develop digital, cloud-based services to these challenges.

The mechanism for this collaborative approach is Agile methods and DevOps techniques. Rather than traditional Waterfall techniques, where business requests are cascading down to the IT department, Agile demands an iterative approach, where people across from the organisation work together to keep honing the digital solution to the business challenge

DevOps is the glue that helps bring development and operations teams together. It uses practices, like continuous integration and automated testing, to foster ongoing improvements in the services your business demands and creates. It’s an approach that suits small firms perfectly, because of the tight working relationships between business units.

In combination, Agile and DevOps provide a way to overcome the issues inherent to shadow IT. Rather than going off and buying its own technical solutions through the cloud, the rest of the business is always working with IT professionals and developers. The result is better, flexible services that meet business demands and customer requirements.

Conclusion – Using the cloud to become more flexible

Shadow IT presents a considerable challenge for SMBs but it does not have to be an intractable one. Your firm can use the benefits of the cloud to foster new collaborative approaches to software development, possibly drawing on Agile and DevOps to create continuous improvements in the services it creates. The result is a clear business advantage for smart-thinking SMBs.

A bug in EA’s Origin online gaming and digital distribution platform allows a malicious party to gain access to account data, a security researcher has discovered.

More security news

“I originally discovered the bug on October 1,” a security researcher known online as Beard told ZDNet in an interview last week.

“The bug occurs when you use the EA Origin client but request to edit your account on EA.com,” he said. “The EA Origin client will spit out an auto-login URL, in which the token is basically the equivalent of your active username and password.”

Such auto-login URLs are very common and used by many desktop and web-based applications. But in most cases, the auto-login URLs are tied to the user’s IP address or cookie files already registered in the user’s name, meaning they can’t be used by anyone except the user.

But this was not the case with the EA Origin auto-login URL. Beard told ZDNet that this auto-login URL worked regardless of IP address or browser. The researcher shared a video of the bug in action with ZDNet last month, and also uploaded it on Twitter:

“If you’re on an unsecured network or WiFi hotspot; like at a cafe or hotel, someone can easily grab these token auto-login URLs and basically log in as the end user who requested these token links,” Beard said.

Furthermore, these auto-login URLs could also be collected by IoT malware/botnets that have infected home routers, allowing criminals to automate the mass-harvesting of EA account data.

The researcher says an attacker could use the auto-login URL to collect information from the user’s EA settings panel, such as a player’s real name, the last four digits of his credit card, the last digits of his phone number, order history, and more.

Some of this information may prove useless for online fraud, but if crooks manage to guess a user’s security question, they could also hijack the EA account entirely, and use any stored payment methods to purchase games for the new account owner.

But Beard also warns that the vulnerability would be a treasure trove for attackers attending gaming conventions or competitions, where people are most likely to use unsecured WiFi networks and use the EA Origin client and its auto-login feature.

In the highly competitive world of online gaming, this vulnerability could lead to doxxing or the hijacking of accounts belonging to famous players or streamers.

“EA has been informed, and have stated they’re working on an upcoming patch to fix this bug,” Beard told ZDNet. An EA spokesperson did not reply to a request for comment we sent last week seeking more information about the planned patch.

More security news:

SAP has announced the acquisition of Contextor SAS in a bid to boost the company’s machine learning and robotic automation portfolio.

Featured stories

On Monday, the software solutions provider said the purchase will help SAP accelerate the development of the Leonardo machine learning solution, a platform for the creation of enterprise machine learning and automation-based apps and software.

Financial details were not disclosed.

Contextor SAS, based in Orsay, France, is a small European company focused on robotic process and desktop automation, offering products which are compatible with Microsoft Remote Desktop setups, XenDesktop workstations, and XenApp application servers.

Founded in 2000 by Patrick Lemare, Contextor now accounts for over 100,000 bot deployments using automation for business processes. The company previously received €600K in a venture-stage funding round.

SAP says that Contextor’s robotic process automation technology will be used to simplify interface interactions between SAP and non-SAP apps and environments.

Furthermore, the acquisition will build upon SAP’s Leonardo machine developments, announced in October, which included investment in intelligent robotic process automation (RPA) designed to “help SAP automate repetitive processes across its portfolio.”

Intelligent RPA capabilities are scheduled for inclusion into SAP S/4HANA in the first half of 2019, with other SAP applications to follow.

The most interesting aspect of the deal, however, is that SAP plans to use Contextor’s RPA technologies to automate at least half of all the tech giant’s processes related to SAP ERP software over the next three years.

“With intelligent RPA accelerated by Contextor, businesses will be able to achieve the high automation level necessary to become intelligent enterprises,” said Markus Noga, head of machine learning at SAP. “The acquisition is a big step towards orchestrating process automation and will help SAP inject RPA capabilities into our applications, first and foremost into SAP S/4HANA.”

In related news, earlier this month SAP announced the acquisition of Qualtrics in a deal worth $8 billion. Rather than go public, Qualtrics agreed to the buyout, giving SAP access to the Qualtrics product suite which covers HR & customer processes and data including analytics, employee engagement, and retention, as well as exit interviews.

In Q3 2018, SAP reported total revenue of €6.02 billion IFRS or earnings per share of €0.82, up eight percent year-over-year.

Previous and related coverage

Kodak and Smart International, the company that licenses the Kodak name for 3D printing, have launched a 3D printer that’s powered by a Raspberry Pi 3.

More on innovation

The era of film once dominated by Kodak might be over but the iconic brand is being used to capitalize on the 3D printing market, offering a range of cheaper models catering to designers, hobbyists, schools, and consumers.

Kodak and Smart International this week took the wraps off the Kodak Portrait 3D printer, a dual extrusion desktop system and the first Kodak-branded 3D printer since the companies announced a licensing agreement last October.

The Kodak device can be signed up to the Kodak 3D cloud, which is used to upload, share and adjust objects. There’s also a camera to remotely monitor jobs underway. The device automatically records a time-lapse movie of the job.

The printer employs LED lights to show its status. Blue means it’s idle and available to use, while orange means it’s heating up, and white means it’s actively printing.

The companies are also selling Kodak-branded 3D filaments, including different grades of PLA, ABS, Flex 98, HIPS, PETG, water-soluble PVA and two grades of nylon.

According to Kodak, the 3D printer is aimed at the professional market. However, as Kodak admits in a brochure, its first 3D printer is joining a “very crowded marketplace with hundreds of models”.

But the Kodak printer stands out with “above-average print volume” of 10 liters. It fits on a desk and can be carried “by a person or two”.

According to Kodak, the filaments are “specially manufactured and packaged to ensure low moisture and high dimensional accuracy, and come in a wide color palette, including, of course, Kodak’s Trade Dress Yellow”.

At the core of the $3,500 Kodak printer is a Raspberry Pi 3 running the Raspbian-based 3DPrinterOS.